<?php
$user = $_SESSION["adminLoggedUserName"];

$position = trim($_POST["position"]);
$title = trim($_POST["title"]);
$url = trim($_POST["url"]);
$description = trim($_POST["description"]);

switch ($_POST["operation"])
{
	// Add
	case "add":
		$operationName = "Inserción";
		$sql = "INSERT INTO links (
					created,
					createdBy,
					position,
					title,
					url,
					description
				) VALUES (
					NOW(),
					'$user',
					'".$db->escapeString($position)."',
					'".$db->escapeString(utf8_decode($title))."',
					'".$db->escapeString(utf8_decode($url))."',
					'".$db->escapeString(utf8_decode($description))."'
				)";
		break;
	// Edit
	case "edit":
		$id = $_POST["id"];
		$operationName = "Modificación";
		$sql = "UPDATE links SET
					modified = NOW(),
					modifiedBy = '$user',
					position = '".$db->escapeString($position)."',
					title = '".$db->escapeString(utf8_decode($title))."',
					url = '".$db->escapeString(utf8_decode($url))."',
					description = '".$db->escapeString(utf8_decode($description))."'
				WHERE id = '$id'";
		break;
	// Default
	default:
		echo "ko|No se ha especificado ninguna operación.";
		exit;
}

if (!$db->runQuery($sql)) {
	echo "ko|Error de MySQL: ".$db->getErrorDescription();
	exit;
}

echo "ok|".$operationName." correcta.";
exit;
?>
